A processor includes an instruction fetcher, a decoder, and an instruction processor. The instruction fetcher retrieves encoded machine-language instructions. The encoded machine-language instructions are encoded according to a predetermined key assigned only to the processor. The predetermined key is independent of opcodes of the processor. The decoder decodes each of the encoded machine-language instructions according to the predetermined key. The instruction processor executes the decoded machine-language instructions.

Patent
   7941640
Priority
Aug 25 2006
Filed
Aug 25 2006
Issued
May 10 2011
Expiry
May 01 2027
Extension
249 days
Assg.orig
Entity
Large
1
23
all paid
23. A method for a processor, the method comprising:
storing encoded machine-language instructions, wherein the encoded machine-language instructions are encoded according to a predetermined key assigned only to the processor, and wherein the predetermined key is independent of opcodes of the processor;
decoding each of the encoded machine-language instructions according to the predetermined key; and
executing the decoded machine-language instructions.
1. A processor comprising:
an instruction fetcher to retrieve encoded machine-language instructions, wherein the encoded machine-language instructions are encoded according to a predetermined key assigned only to the processor, and wherein the predetermined key is independent of opcodes of the processor;
a decoder to decode each of the encoded machine-language instructions according to the predetermined key; and
an instruction processor to execute the decoded machine-language instructions.
30. A computer program executable on a processor, comprising:
instructions for storing encoded machine-language instructions, wherein the encoded machine-language instructions are encoded according to a predetermined key assigned only to the processor, and wherein the predetermined key is independent of opcodes of the processor;
instructions for decoding each of the encoded machine-language instructions according to the predetermined key; and
instructions for executing the decoded machine-language instructions.
14. A processor comprising:
instruction fetching means for retrieving encoded machine-language instructions, wherein the encoded machine-language instructions are encoded according to a predetermined key assigned only to the processor, and wherein the predetermined key is independent of opcodes of the processor;
decoding means for decoding each of the encoded machine-language instructions according to the predetermined key; and
instruction processing means for executing the decoded machine-language instructions.
2. The processor of claim 1, further comprising:
a memory to store one or more tables comprising associations between the encoded machine-language instructions and the decoded machine-language instructions, wherein the one or more tables are generated according to the predetermined key;
wherein the decoder uses the one or more tables to decode each of the encoded machine-language instructions.
3. The processor of claim 1:
wherein at least one of the encoded machine-language instructions comprises a fixed portion and a variable portion; and
wherein the decoder decodes only the fixed portion of the at least one of the encoded machine-language instructions.
4. The processor of claim 3:
wherein the fixed portion of the at least one of the encoded machine-language instructions comprises opcodes in a machine language of the instruction processor.
5. An integrated circuit comprising the processor of claim 1.
6. A network device incorporating the processor according to claim 1, the network device comprising:
a communication circuit in communication with the processor.
7. The network device of claim 6, wherein the network device is selected from a group consisting of:
a network switch;
a router; and
a network interface controller.
8. A wireless network device incorporating the processor according to claim 6, wherein the wireless network device is compliant with at least one standard selected from a group consisting of IEEE standards 802.11, 802.11a, 802.11b, 802.11e, 802.11g, 802.11k, 802.11n, 802.11v, 802.11w, 802.16, and 802.20.
9. The network device of claim 6, wherein the communication circuit comprises:
a media access controller (MAC) having a MAC address;
wherein the predetermined key is based on the MAC address.
10. The processor of claim 1:
wherein the decoder decodes each of the encoded machine-language instructions according to the predetermined key to recover original machine-language instructions.
11. The processor of claim 1:
wherein a processor fault occurs when one of the decoded machine-language instructions is different than each one of original machine-language instructions.
12. The processor of claim 1:
wherein the encoded machine-language instructions include predetermined substitute instructions for original machine-language instructions; and
wherein the predetermined substitute instructions are mapped to the original machine-language instructions based on the predetermined key.
13. The processor of claim 12:
wherein the decoder recovers the original machine-language instructions from the predetermined substitute instructions using the predetermined key.
15. The processor of claim 14, further comprising:
memory means for storing one or more tables comprising associations between the encoded machine-language instructions and the decoded machine-language instructions, wherein the one or more tables are generated according to the predetermined key;
wherein the decoding means uses the one or more tables to decode each of the encoded machine-language instructions.
16. The processor of claim 14:
wherein at least one of the encoded machine-language instructions comprises a fixed portion and a variable portion; and
wherein the decoding means decodes only the fixed portion of the at least one of the encoded machine-language instructions.
17. The processor of claim 16:
wherein the fixed portion of the at least one of the encoded machine-language instructions comprises opcodes in a machine language of the instruction processing means.
18. An integrated circuit comprising the processor of claim 14.
19. A network device incorporating the processor according to claim 14, the network device comprising:
means for communicating in communication with the processor.
20. The network device of claim 19, wherein the network device is selected from a group consisting of:
a network switch;
a router; and
a network interface controller.
21. A wireless network device incorporating the processor according to claim 19, wherein the wireless network device is compliant with at least one standard selected from a group consisting of IEEE standards 802.11, 802.11a, 802.11b, 802.11e, 802.11g, 802.11k, 802.11n, 802.11v, 802.11w, 802.16, and 802.20.
22. The network device of claim 19:
wherein the means for communicating is associated with a media access controller (MAC) address;
wherein the predetermined key is based on the MAC address.
24. The method of claim 23, further comprising:
retrieving the encoded machine-language instructions from a memory.
25. The method of claim 23, further comprising:
storing one or more tables comprising associations between the encoded machine-language instructions and the decoded machine-language instructions, wherein the one or more tables are generated according to the predetermined key;
wherein decoding each of the encoded machine-language instructions comprises using the one or more tables to decode the encoded machine-language instructions.
26. The method of claim 25, further comprising:
retrieving the one or more tables from a memory.
27. The method of claim 23:
wherein at least one of the encoded machine-language instructions comprises a fixed portion and a variable portion; and
wherein decoding each of the encoded machine-language instructions comprises decoding only the fixed portion of the at least one of the encoded machine-language instructions.
28. The method of claim 27:
wherein the fixed portion of the at least one of the encoded machine-language instructions comprises opcodes in a machine language employed in executing the decoded machine-language instructions.
29. The method of claim 23:
wherein the predetermined key is based on a media access controller (MAC) address.
31. The computer program of claim 30, further comprising:
instructions for retrieving the encoded machine-language instructions from a memory.
32. The computer program of claim 30, further comprising:
instructions for storing one or more tables comprising associations between the encoded machine-language instructions and the decoded machine-language instructions, wherein the one or more tables are generated according to the predetermined key;
wherein the instructions for decoding each of the encoded machine-language instructions comprise instructions for using the one or more tables to decode the encoded machine-language instructions.
33. The computer program of claim 32, further comprising:
instructions for retrieving the one or more tables from a memory.
34. The computer program of claim 30:
wherein at least one of the encoded machine-language instructions comprises a fixed portion and a variable portion; and
wherein the instructions for decoding each of the encoded machine-language instructions comprise instructions for decoding only the fixed portion of the at least one of the encoded machine-language instructions.
35. The computer program of claim 34:
wherein the fixed portion of the at least one of the encoded machine-language instructions comprises opcodes in a machine language employed in executing the decoded machine-language instructions.
36. The computer program of claim 30:
wherein the predetermined key is based on a media access controller (MAC) address.

The present invention relates generally to data processing. More particularly, the present invention relates to secure processors having encoded instructions.

Network devices such as computers and other data communications equipment are vulnerable to certain types of attacks that are implemented by causing the processor in the network device to execute malicious instructions in the form of machine-language instructions loaded into the network device by an attacker. For example, because the x86 processor is by far the most common type of processor in today's network devices, an attacker may simply assume that the target device is an x86 processor, and push x86 machine-language instructions into the processor of the network device after exploiting a flaw in the operating software stack. In the very likely event that the processor is an x86 processor, the processor unknowingly executes the machine-language instructions, thereby allowing the attacker to take control of the network device.

In general, in one aspect, the invention features a processor comprising an instruction fetcher to retrieve encoded machine-language instructions, wherein the encoded machine-language instructions are encoded according to a predetermined key; a decoder to decode each of the encoded machine-language instructions according to the predetermined key; and an instruction processor to execute the decoded machine-language instructions.

Some embodiments comprise a memory to store one or more tables comprising associations between the encoded machine-language instructions and the decoded machine-language instructions, wherein the one or more tables are generated according to the predetermined key; wherein the decoder uses the one or more tables to decode each of the encoded machine-language instructions. In some embodiments, at least one of the encoded machine-language instructions comprises a fixed portion and a variable portion; and the decoder decodes only the fixed portion of the at least one of the encoded machine-language instructions. In some embodiments, the fixed portion of the at least one of the encoded machine-language instructions comprises opcodes in a machine language of the instruction processor. Some embodiments comprise an integrated circuit comprising the processor. Some embodiments comprise a network device incorporating the processor, the network device comprising: a communication circuit in communication with the processor. In some embodiments, the network device is selected from the group consisting of: a network switch; a router; and a network interface controller. Some embodiments comprise a wireless network device incorporating the processor, wherein the wireless network device is compliant with at least one standard selected from the group consisting of IEEE standards 802.11, 802.11a, 802.11b, 802.11e, 802.11g, 802.11k, 802.11n, 802.11v, 802.11w, 802.16, and 802.20. In some embodiments, the communication circuit comprises: a media access controller (MAC) having a MAC address; wherein the predetermined key is based on the MAC address.

In general, in one aspect, the invention features a processor comprising: instruction fetching means for retrieving encoded machine-language instructions, wherein the encoded machine-language instructions are encoded according to a predetermined key; decoding means for decoding each of the encoded machine-language instructions according to the predetermined key; and instruction processing means for executing the decoded machine-language instructions. Some embodiments comprise memory means for storing one or more tables comprising associations between the encoded machine-language instructions and the decoded machine-language instructions, wherein the one or more tables are generated according to the predetermined key; wherein the decoding means uses the one or more tables to decode each of the encoded machine-language instructions. In some embodiments, at least one of the encoded machine-language instructions comprises a fixed portion and a variable portion; and the decoding means decodes only the fixed portion of the at least one of the encoded machine-language instructions. In some embodiments, the fixed portion of the at least one of the encoded machine-language instructions comprises opcodes in a machine language of the instruction processing means. Some embodiments comprise an integrated circuit comprising the processor. Some embodiments comprise a network device incorporating the processor, the network device comprising: a communication circuit in communication with the processor. In some embodiments, the network device is selected from the group consisting of: a network switch; a router; and a network interface controller. Some embodiments comprise a wireless network device incorporating the processor, wherein the wireless network device is compliant with at least one standard selected from the group consisting of IEEE standards 802.11, 802.11a, 802.11b, 802.11e, 802.11g, 802.11k, 802.11n, 802.11v, 802.11w, 802.16, and 802.20. In some embodiments, the communication circuit comprises: a media access controller (MAC) having a MAC address; wherein the predetermined key is based on the MAC address.

In general, in one aspect, the invention features a method comprising: storing encoded machine-language instructions, wherein the encoded machine-language instructions are encoded according to a predetermined key; decoding each of the encoded machine-language instructions according to the predetermined key; and executing the decoded machine-language instructions.

Some embodiments comprise retrieving the encoded machine-language instructions from a memory. Some embodiments comprise storing one or more tables comprising associations between the encoded machine-language instructions and the decoded machine-language instructions, wherein the one or more tables are generated according to the predetermined key; wherein decoding each of the encoded machine-language instructions comprises using the one or more tables to decode the encoded machine-language instructions. Some embodiments comprise retrieving the one or more tables from a memory. In some embodiments, at least one of the encoded machine-language instructions comprises a fixed portion and a variable portion; and decoding each of the encoded machine-language instructions comprises decoding only the fixed portion of the at least one of the encoded machine-language instructions. In some embodiments, the fixed portion of the at least one of the encoded machine-language instructions comprises opcodes in a machine language employed in executing the decoded machine-language instructions. In some embodiments, the predetermined key is based on a media access controller (MAC) address.

Some embodiments comprise a computer program executable on a processor, comprising: instructions for storing encoded machine-language instructions, wherein the encoded machine-language instructions are encoded according to a predetermined key; instructions for decoding each of the encoded machine-language instructions according to the predetermined key; and instructions for executing the decoded machine-language instructions.

Some embodiments comprise instructions for retrieving the encoded machine-language instructions from a memory. Some embodiments comprise instructions for storing one or more tables comprising associations between the encoded machine-language instructions and the decoded machine-language instructions, wherein the one or more tables are generated according to the predetermined key; wherein the instructions for decoding each of the encoded machine-language instructions comprise instructions for using the one or more tables to decode the encoded machine-language instructions. Some embodiments comprise instructions for retrieving the one or more tables from a memory. In some embodiments, at least one of the encoded machine-language instructions comprises a fixed portion and a variable portion; and the instructions for decoding each of the encoded machine-language instructions comprise instructions for decoding only the fixed portion of the at least one of the encoded machine-language instructions. In some embodiments, the fixed portion of the at least one of the encoded machine-language instructions comprises opcodes in a machine language employed in executing the decoded machine-language instructions. In some embodiments, the predetermined key is based on a media access controller (MAC) address.

The details of one or more implementations are set forth in the accompanying drawings and the description below. Other features will be apparent from the description and drawings, and from the claims.

FIG. 1 shows a data communication system comprising a network device in communication with a network according to a preferred embodiment of the present invention.

FIG. 2 shows a process for the network device of FIG. 1 according to a preferred embodiment of the present invention.

FIGS. 3A-3E show various exemplary implementations of the present invention.

The leading digit(s) of each reference numeral used in this specification indicates the number of the drawing in which the reference numeral first appears.

Embodiments of the present invention provide secure processors having encoded instructions. Such processors are especially useful for preventing attacks such as those described above.

According to a preferred embodiment of the present invention, each processor is assigned a key that is preferably unique. For example, the key can be the Media Access Control (MAC) address, or can be based upon the MAC address, of the network device comprising the processor. The processor code for each processor, for example code implementing the operating system for the processor, is encoded using the key assigned to that processor. Any sort of encoding scheme can be used. For example, a plurality of substitution schemes can be used, where each scheme is associated with one or more of the keys. In each substitution scheme, each instruction in the instruction set is mapped to a different predetermined substitute. With knowledge of which substitution scheme was used, for example using the key, the mapping can be used to recover the original instruction from the substitute. The method of encoding the instruction set via tables may also vary depending on the instruction set being encoded. Each implementation of a secure processor may use a different method for that instruction set to allow for the most efficient mapping from key to final opcode.

Each processor comprises a decoder to decode instructions, as they are fetched and before execution, according to the key assigned to that processor. The decoder loads one or more decoding tables, preferably when the processor boots up, and then decodes each instruction by applying the instruction to one or more of the decoding tables. The decoding tables are generated using the key assigned to the processor, and preferably comprise mappings between the uncoded and encoded machine-language instructions for the processor.

Preferably some of the machine-language instructions comprise a fixed portion and a variable portion. The fixed portions preferably comprise machine-language opcodes in the machine language of the processor. In these embodiments, the decoder decodes only the fixed portions of the machine-language instructions.

Processors according to embodiments of the present invention can be fabricated as one or more integrated circuits. Embodiments of the present invention comprise network devices comprising the processors and communication circuits in communication with the processors. In the case of wireless network devices, the network devices are preferably compliant with at least one of IEEE standards 802.11, 802.11a, 802.11b, 802.11e, 802.11g, 802.11k, 802.11n, 802.11v, 802.11w, 802.16, and 802.20.

FIG. 1 shows a data communication system 100 comprising a network device 102 in communication with a network 104 according to a preferred embodiment of the present invention. Network 104 can be implemented as a wide-area network such as the Internet, a local-area network (LAN), or the like. However, while embodiments of the present invention are described with respect to network communications, they are equally applicable to devices employing other forms of data communications such as direct links and the like.

Network device 102 comprises a processor 106, a memory 108 that is preferably non-volatile to store one or more decoding tables 110, a memory 112 that is preferably volatile to store encoded instructions 114 for processor 106, and a communication circuit 116. Processor 106 comprises an instruction fetcher 118 to fetch encoded instructions 114 from memory 112, a processor memory 120 to load and store decoding table(s) 110 from memory 108, a decoder 122 to decode encoded instructions 114 according to decoding table(s) 110, and an instruction processor 124 to execute the decoded instructions. Network device 102 can be implemented as any network device such as a computer, switch, router, network interface controller (NIC), and the like.

FIG. 2 shows a process 200 for network device 102 of FIG. 1 according to a preferred embodiment of the present invention. Although in the described embodiments, the elements of process 200 are presented in one arrangement, other embodiments may feature other arrangements, as will be apparent to one skilled in the relevant arts based on the disclosure provided herein.

In embodiments employing external decoding table(s) 110, processor 106 loads decoding table(s) 110 from memory 108 into processor memory 120 (step 202), preferably as part of a bootstrapping process so that decoding table(s) 110 are available in processor memory 120 when the first encoded instruction 114 is fetched.

Instruction fetcher 118 fetches an encoded machine-language instruction 114 from memory 112 (step 204), for example according to a program counter (not shown). As described above, encoded instructions 114 are encoded according to a key assigned to processor 106. The key is preferably unique to network device 102, and can be based on a MAC address of network device 102, for example. The key can be a single key, a pairwise key, or the like, as will be apparent to one skilled in the relevant arts based on the disclosure provided herein. The instructions are preferably encoded during linking, but can be encoded during other processes, for example during assembly and the like.

After each encoded instruction 114 is fetched, decoder 122 decodes the encoded machine-language instruction according to the key assigned to processor 106 (step 206), thereby recovering the original instruction as it was before being encoded. Decoder 122 applies the machine-language encoded instruction to decoding table(s) 110 stored in processor memory 120. Preferably each decoding table(s) 110 comprises associations between all or part of encoded machine-language instructions and the corresponding decoded machine-language instructions, and are generated according to the key assigned to processor 106. Where multiple decoding tables 110 are used, each decoding table 110 can include mappings for a different field of the instruction. For example, one decoding table 110 can include mappings for opcodes, while another decoding table 110 can include mappings for operands, and so on.

However, when decoding does not result in a legal processor instruction, a processor fault results, such as a general protection fault and the like. For example, if an attacker pushes instructions that have not been properly encoded according to embodiments of the present invention, decoding will produce an illegal instruction, which will result in a processor fault. Therefore, the attacker will be unable to further penetrate the system.

In some embodiments, a machine-language instruction 114 may comprise a fixed portion and a variable portion. For example, the fixed portions of machine-language instructions 114 can comprise machine-language opcodes in a machine-language of processor 106. In these embodiments, only the fixed portions of machine-language instructions 114 are decoded.

After decoding, instruction processor 124 executes the decoded machine-language instructions according to well-known techniques (step 208). If more instructions are to be executed (step 210), instruction fetcher 118 then fetches another encoded machine-language instruction 114 from memory 112 (returning to step 204). Otherwise, process 200 is done (step 212).

FIGS. 3A-3E show various exemplary implementations of the present invention. Referring now to FIG. 3A, the present invention can be implemented in a high definition television (HDTV) 312. The present invention may implement either or both signal processing and/or control circuits, which are generally identified in FIG. 3A at 313, a WLAN interface and/or mass data storage of the HDTV 312. The HDTV 312 receives HDTV input signals in either a wired or wireless format and generates HDTV output signals for a display 314. In some implementations, signal processing circuit and/or control circuit 313 and/or other circuits (not shown) of the HDTV 312 may process data, perform coding and/or encryption, perform calculations, format data and/or perform any other type of HDTV processing that may be required.

The HDTV 312 may communicate with mass data storage 315 that stores data in a nonvolatile manner such as optical and/or magnetic storage devices. The HDD may be a mini HDD that includes one or more platters having a diameter that is smaller than approximately 1.8″. The HDTV 312 may be connected to memory 316 such as RAM, ROM, low latency nonvolatile memory such as flash memory and/or other suitable electronic data storage. The HDTV 312 also may support connections with a WLAN via a WLAN network interface 317.

Referring now to FIG. 3B, the present invention implements a control system of a vehicle 318, a WLAN interface and/or mass data storage of the vehicle control system. In some implementations, the present invention implements a powertrain control system 319 that receives inputs from one or more sensors such as temperature sensors, pressure sensors, rotational sensors, airflow sensors 320 and/or any other suitable sensors and/or that generates one or more outputs 321 such as engine operating parameters, transmission operating parameters, and/or other control signals.

The present invention may also be implemented in other control systems 322 of the vehicle 318. The control system 322 may likewise receive signals from input sensors 323 and/or output control signals to one or more output devices 324. In some implementations, the control system 322 may be part of an anti-lock braking system (ABS), a navigation system, a telematics system, a vehicle telematics system, a lane departure system, an adaptive cruise control system, a vehicle entertainment system such as a stereo, DVD, compact disc system and the like. Still other implementations are contemplated.

The powertrain control system 319 may communicate with mass data storage 325 that stores data in a nonvolatile manner. The mass data storage 325 may include optical and/or magnetic storage devices for example hard disk drives (HDDs) and/or DVD drives. The HDD may be a mini HDD that includes one or more platters having a diameter that is smaller than approximately 1.8″. The powertrain control system 319 may be connected to memory 326 such as RAM, ROM, low latency nonvolatile memory such as flash memory and/or other suitable electronic data storage. The powertrain control system 319 also may support connections with a WLAN via a WLAN network interface 327. The control system 322 may also include mass data storage, memory and/or a WLAN interface (all not shown).

Referring now to FIG. 3C, the present invention can be implemented in a cellular phone 328 that may include a cellular antenna 329. The present invention may implement either or both signal processing and/or control circuits, which are generally identified in FIG. 3C at 330, a WLAN interface and/or mass data storage of the cellular phone 328. In some implementations, the cellular phone 328 includes a microphone 331, an audio output 332 such as a speaker and/or audio output jack, a display 333 and/or an input device 334 such as a keypad, pointing device, voice actuation and/or other input device. The signal processing and/or control circuits 330 and/or other circuits (not shown) in the cellular phone 328 may process data, perform coding and/or encryption, perform calculations, format data and/or perform other cellular phone functions.

The cellular phone 328 may communicate with mass data storage 335 that stores data in a nonvolatile manner such as optical and/or magnetic storage devices for example hard disk drives (HDDs) and/or DVD drives. The HDD may be a mini HDD that includes one or more platters having a diameter that is smaller than approximately 1.8″. The cellular phone 328 may be connected to memory 336 such as RAM, ROM, low latency nonvolatile memory such as flash memory and/or other suitable electronic data storage. The cellular phone 328 also may support connections with a WLAN via a WLAN network interface 337.

Referring now to FIG. 3D, the present invention can be implemented in a set top box 338. The present invention may implement either or both signal processing and/or control circuits, which are generally identified in FIG. 3D at 339, a WLAN interface and/or mass data storage of the set top box 338. The set top box 338 receives signals from a source such as a broadband source and outputs standard and/or high definition audio/video signals suitable for a display 340 such as a television and/or monitor and/or other video and/or audio output devices. The signal processing and/or control circuits 339 and/or other circuits (not shown) of the set top box 338 may process data, perform coding and/or encryption, perform calculations, format data and/or perform any other set top box function.

The set top box 338 may communicate with mass data storage 341 that stores data in a nonvolatile manner. The mass data storage 341 may include optical and/or magnetic storage devices for example hard disk drives (HDDs) and/or DVD drives. The HDD may be a mini HDD that includes one or more platters having a diameter that is smaller than approximately 1.8″. The set top box 338 may be connected to memory 342 such as RAM, ROM, low latency nonvolatile memory such as flash memory and/or other suitable electronic data storage. The set top box 338 also may support connections with a WLAN via a WLAN network interface 343.

Referring now to FIG. 3E, the present invention can be implemented in a media player 344. The present invention may implement either or both signal processing and/or control circuits, which are generally identified in FIG. 3E at 345, a WLAN interface 351 and/or mass data storage 349 of the media player 344. In some implementations, the media player 344 includes a display 346 and/or a user input 347 such as a keypad, touchpad and the like. In some implementations, the media player 344 may employ a graphical user interface (GUI) that typically employs menus, drop down menus, icons and/or a point-and-click interface via the display 346 and/or user input 347. The media player 344 further includes an audio output 348 such as a speaker and/or audio output jack. The signal processing and/or control circuits 345 and/or other circuits (not shown) of the media player 344 may process data, perform coding and/or encryption, perform calculations, format data and/or perform any other media player function.

The media player 344 may communicate with mass data storage 349 that stores data such as compressed audio and/or video content in a nonvolatile manner. In some implementations, the compressed audio files include files that are compliant with MP3 format or other suitable compressed audio and/or video formats. The mass data storage 349 may include optical and/or magnetic storage devices for example hard disk drives (HDDs) and/or DVD drives. The HDD may be a mini HDD that includes one or more platters having a diameter that is smaller than approximately 1.8″. The media player 344 may be connected to memory 350 such as RAM, ROM, low latency nonvolatile memory such as flash memory and/or other suitable electronic data storage. The media player 344 also may support connections with a WLAN via a WLAN network interface 351. Still other implementations in addition to those described above are contemplated.

Embodiments of the invention can be implemented in digital electronic circuitry, or in computer hardware, firmware, software, or in combinations of them. Apparatus of the invention can be implemented in a computer program product tangibly embodied in a machine-readable storage device for execution by a programmable processor; and method steps of the invention can be performed by a programmable processor executing a program of instructions to perform functions of the invention by operating on input data and generating output. The invention can be implemented advantageously in one or more computer programs that are executable on a programmable system including at least one programmable processor coupled to receive data and instructions from, and to transmit data and instructions to, a data storage system, at least one input device, and at least one output device. Each computer program can be implemented in a high-level procedural or object-oriented programming language, or in assembly or machine language if desired; and in any case, the language can be a compiled or interpreted language. Suitable processors include, by way of example, both general and special purpose microprocessors. Generally, a processor will receive instructions and data from a read-only memory and/or a random access memory. Generally, a computer will include one or more mass storage devices for storing data files; such devices include magnetic disks, such as internal hard disks and removable disks; magneto-optical disks; and optical disks. Storage devices suitable for tangibly embodying computer program instructions and data include all forms of non-volatile memory, including by way of example semiconductor memory devices, such as EPROM, EEPROM, and flash memory devices; magnetic disks such as internal hard disks and removable disks; magneto-optical disks; and CD-ROM disks. Any of the foregoing can be supplemented by, or incorporated in, ASICs (application-specific integrated circuits).

A number of implementations of the invention have been described. Nevertheless, it will be understood that various modifications may be made without departing from the spirit and scope of the invention. Accordingly, other implementations are within the scope of the following claims.

Rainnie, Hedley

Patent Priority Assignee Title
9832199, Sep 25 2015 International Business Machines Corporation Protecting access to hardware devices through use of a secure processor
Patent Priority Assignee Title
5148528, Feb 03 1989 HEWLETT-PACKARD DEVELOPMENT COMPANY, L P Method and apparatus for simultaneously decoding three operands in a variable length instruction when one of the operands is also of variable length
5784552, Jul 28 1993 HEWLETT-PACKARD DEVELOPMENT COMPANY, L P Debugging a computer program by simulating execution forwards and backwards in a main history log and alternative history logs
5999629, Oct 31 1995 THE CHASE MANHATTAN BANK, AS COLLATERAL AGENT Data encryption security module
6154865, Nov 13 1998 SILICON VALLEY BANK, AS ADMINISTRATIVE AGENT Instruction processing pattern generator controlling an integrated circuit tester
6240506, Oct 02 1998 Advanced Micro Devices, Inc. Expanding instructions with variable-length operands to a fixed length
6438235, Aug 05 1998 HEWLETT-PACKARD DEVELOPMENT COMPANY, L P Media content protection utilizing public key cryptography
6550011, Aug 05 1998 HEWLETT-PACKARD DEVELOPMENT COMPANY, L P Media content protection utilizing public key cryptography
6683954, Oct 23 1999 ENTRIQ INC ; IRDETO USA, INC Key encryption using a client-unique additional key for fraud prevention
6782478, Apr 28 1999 DIGITAL IMMUNITY LLC Techniques for encoding information in computer code
7076800, Feb 20 2001 Kabushiki Kaisha Toshiba IC card terminal unit and IC card duplication method
7093099, Dec 12 2002 RPX Corporation Native lookup instruction for file-access processor searching a three-level lookup cache for variable-length keys
7380135, Aug 28 2002 Nippon Hoso Kyokai Diligent control of preview of stored contents
7546468, Nov 15 2002 PANASONIC SEMICONDUCTOR SOLUTIONS CO , LTD Program update method and server
20020095382,
20020114468,
20020122553,
20030023960,
20030118189,
20030195891,
20040034785,
20040117600,
20060050870,
20070256122,
/////
Executed onAssignorAssigneeConveyanceFrameReelDoc
Aug 23 2006RAINNIE, HEDLEYMARVELL SEMICONDUCTOR, INC ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0182200497 pdf
Aug 24 2006MARVELL SEMICONDUCTOR, INC MARVELL INTERNATIONAL LTDASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0182430279 pdf
Aug 25 2006Marvell International Ltd.(assignment on the face of the patent)
Dec 31 2019MARVELL INTERNATIONAL LTDCAVIUM INTERNATIONALASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0529180001 pdf
Dec 31 2019CAVIUM INTERNATIONALMARVELL ASIA PTE, LTDASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0534750001 pdf
Date Maintenance Fee Events
Nov 10 2014M1551: Payment of Maintenance Fee, 4th Year, Large Entity.
Nov 05 2018M1552: Payment of Maintenance Fee, 8th Year, Large Entity.
Nov 01 2022M1553: Payment of Maintenance Fee, 12th Year, Large Entity.


Date Maintenance Schedule
May 10 20144 years fee payment window open
Nov 10 20146 months grace period start (w surcharge)
May 10 2015patent expiry (for year 4)
May 10 20172 years to revive unintentionally abandoned end. (for year 4)
May 10 20188 years fee payment window open
Nov 10 20186 months grace period start (w surcharge)
May 10 2019patent expiry (for year 8)
May 10 20212 years to revive unintentionally abandoned end. (for year 8)
May 10 202212 years fee payment window open
Nov 10 20226 months grace period start (w surcharge)
May 10 2023patent expiry (for year 12)
May 10 20252 years to revive unintentionally abandoned end. (for year 12)